A new piece of malware which disguises itself as a PDF download and could give hackers remote access to a computer has been discovered as a potential threat to Mac users.

The trojan, identified as Trojan-Dropper:OSX/Revir.A, opens a botnet backdoor by tricking the user into downloading and opening a Chinese language PDF file while it installs itself in the background, according to security researchers at F-Secure.

The trojan's command-and-control center is currently a bare Apache installation that has been sitting dormant at its domain since May and is not yet capable of communicating with any backdoors. This has led researchers to believe that they have found malware in the making.

Trojans typically mask themselves as a PDF and infect systems while the user is busy opening the file. But researchers believe that this particular sample may be stealthier than usual malware.

The new trojan differs from most Windows PDF malware in that it reached researchers without the usual "pdf.exe" extension or icon. Researchers note that because extension and icon data are stored and displayed differently on Macs, this sample could be more difficult to detect than its Windows counterparts, as it can adopt any extension desired.
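A defender-side check for the mismatch described above, as an added example that is not code from F-Secure or from this article: it classifies a file by its leading bytes and compares that with the extension. The extension list, the sample byte strings and the embedded-decoy check are assumptions made for illustration.

```python
import struct
import sys
from pathlib import Path

# Mach-O magic numbers as they appear in the first four bytes on disk.
MACHO_THIN = {
    b"\xfe\xed\xfa\xce",  # 32-bit, big-endian
    b"\xce\xfa\xed\xfe",  # 32-bit, little-endian
    b"\xfe\xed\xfa\xcf",  # 64-bit, big-endian
    b"\xcf\xfa\xed\xfe",  # 64-bit, little-endian
}
FAT_MAGIC = b"\xca\xfe\xba\xbe"  # universal binary; Java .class files share it

# Assumed list of extensions a user expects to be passive documents.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".png", ".txt"}


def sniff(data: bytes) -> str:
    """Classify content by its leading bytes, ignoring the file name."""
    head = data[:4]
    if head in MACHO_THIN:
        return "mach-o"
    if head == FAT_MAGIC and len(data) >= 8:
        # Heuristic: a fat header stores a small architecture count here,
        # while a Java class stores minor/major version (major >= 45).
        (count,) = struct.unpack(">I", data[4:8])
        if 0 < count < 45:
            return "mach-o"
    # PDF readers tolerate leading junk, so search the first 1024 bytes.
    if b"%PDF-" in data[:1024]:
        return "pdf"
    return "unknown"


def triage(name: str, data: bytes) -> list:
    """Return findings for one attachment; an empty list means no mismatch."""
    findings = []
    kind = sniff(data)
    ext = Path(name).suffix.lower()
    if kind == "mach-o" and ext in DOCUMENT_EXTS:
        findings.append(f"executable content behind {ext} extension")
    if kind == "mach-o" and b"%PDF-" in data:
        findings.append("executable carries an embedded PDF (possible decoy)")
    if ext == ".pdf" and kind == "unknown":
        findings.append("no PDF header despite .pdf extension")
    return findings


# Constructed sample inputs (not taken from any real sample).
SAMPLES = {
    "report.pdf": b"%PDF-1.4\n1 0 obj\n<< >>\nendobj\n",
    "invoice.pdf": b"\xcf\xfa\xed\xfe" + b"\x00" * 28 + b"%PDF-1.4 decoy",
    "photo.jpg": FAT_MAGIC + b"\x00\x00\x00\x02" + b"\x00" * 40,
    "Main.class": FAT_MAGIC + b"\x00\x00\x00\x34" + b"\x00" * 40,
}

if __name__ == "__main__":
    if len(sys.argv) > 1:  # triage files named on the command line
        items = {p: Path(p).read_bytes() for p in sys.argv[1:]}
    else:
        items = SAMPLES
    for name, data in items.items():
        print(name, triage(name, data) or "ok")
```

Run without arguments it triages the constructed samples; given file paths, it reads and triages those instead.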

The technique of using a PDF file as a ruse for the propagation of malware has been a mainly Windows problem in the past, remaining a minimal threat to Mac users.

It is unclear how this malware is spreading, but researchers believe that the most likely mode of circulation is via e-mail attachment. The researchers suggested the author of the trojan could simply be "testing the water" to see if their creation is identified by various antivirus applications.

I'm not even going to bother to get into any PC vs Mac virus debate, but I will say that I am glad that I don't have to run any virus program on my Macs.

As for this malware mentioned in the article, if it's delivered by an email attachment, then I'd say that the main people who are most at risk of getting it are stupid people. No OS is secure enough to protect morons from their own stupidity.

I also think that in certain cases, the death penalty would be an appropriate punishment for criminals behind email spam, malware and viruses.

This is a Trojan Horse. That's a different animal. You can see a Trojan Horse – albeit in its disguise of course – and it requires to be opened/started by YOU to become active!

A virus is an, under normal circumstances, invisible file that can sneak through your ports without you noticing it and then execute itself in the background on your PC. No user involvement required.

There are no viruses for OSX (yet).
So antivirus software for OSX is a crock.
There are a few Trojan Horses for OSX. Less than a handful, afaik. But they could come in thousands of different disguises, of course!

Don't download and install things from non-official sites, got it. You think they should teach common internet protocols at schools. I mean last I checked (in California) there is still a year requirement of a computer class, such as learning to type as well as one other computer elective. They really need to start informing people on good computer usage. It's a good skill to have today.

That's not how this one would be delivered, if there was anything taking advantage of it. There isn't (yet) according to articles. Since this one can spoof any type of file, not just a PDF, simply use common sense. If you get an email with an attachment, perhaps an image file/picture or excel file, from someone that you don't know, or even an unexpected one from someone you might, just don't open it. Simple.

I understand where all of you are coming from but when there's commercials running ad nauseam about how Mac OS does not get viruses (most people DO NOT know the difference between a virus, a Trojan horse or malware), then they are lulled into thinking their computers are safe and will open whatever from whomever.

"Few things are harder to put up with than the annoyance of a good example" - Mark Twain
"Just because something is deemed the law doesn't make it just" - SolipsismX

Funny how the biggest threats to OS X are from Adobe-created products.

Quote:

Originally Posted by dasanman69

I understand where all of you are coming from but when there's commercials running ad nauseam about how Mac OS does not get viruses (most people DO NOT know the difference between a virus, a Trojan horse or malware), then they are lulled into thinking their computers are safe and will open whatever from whomever.

1) Where are these commercials?

2) When did "haven't yet been subjected to a barrage of viruses" mean "they can't possibly get viruses"?

Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"

This is not "targeting OSX". Although OSX may be included in the "vulnerable systems" list, there really is a huge difference there.

Especially when the article goes on to say, basically, how it's really most dangerous for Windows machines…

Come on. "Malware"…? How about "Virus" or "Trojan"…? Be as specific as the content of the article.

If it's really "TARGETING OSX", then I'd like to see the article reflect that. Otherwise, tone down the headline… There's enough FUD in the world. I like it that I don't have to deal with it here much at AI… now is not a good time to start.

This is a Trojan Horse. That's a different animal. You can see a Trojan Horse – albeit in its disguise of course – and it requires to be opened/started by YOU to become active!

A virus is an, under normal circumstances, invisible file that can sneak through your ports without you noticing it and then execute itself in the background on your PC. No user involvement required.

There are no viruses for OSX (yet).
So antivirus software for OSX is a crock.
There are a few Trojan Horses for OSX. Less than a handful, afaik. But they could come in thousands of different disguises, of course!

These are probably not the most accurate definitions of a Trojan and virus that I have ever seen. A virus sneaks through your ports? A computer virus is code that can self-replicate and potentially infect other files. A Trojan Horse is an application or file that pretends to be something it's not to trick the user into running it and it usually performs a malicious function. Both a virus and a Trojan horse are usually introduced into the network as a result of the user.

An example of a virus is downloading a pirated copy of Diablo II that has its binary infected. When the game is run, the code copies itself to other installed applications to spread itself.

I understand where all of you are coming from but when there's commercials running ad nauseam about how Mac OS does not get viruses (most people DO NOT know the difference between a virus, a Trojan horse or malware), then they are lulled into thinking their computers are safe and will open whatever from whomever.

Please tell us all more about these imaginary commercials you speak of.

Funny how the biggest threats to OS X are from Adobe-created products.

1) Where are these commercials?

2) When did "haven't yet been subjected to a barrage of viruses" mean "they can't possibly get viruses"?

C'mon soli, have you quickly forgotten the I'm a Mac, and I'm a PC barrage of commercials? It's been a few years since they aired but they were quite effective and go into any Apple store or Best Buy and the salesperson will say "buy a Mac if you're worried about getting viruses". Most people don't keep up with current events. I often recommend plasma TVs to people and every single one responds the same way "what about the 5 yr life, burn in, etc...." all those things have not been true for years but they hear it once and never bother to check again.

This is a Trojan Horse. That's a different animal. You can see a Trojan Horse – albeit in its disguise of course – and it requires to be opened/started by YOU to become active!

A virus is an, under normal circumstances, invisible file that can sneak through your ports without you noticing it and then execute itself in the background on your PC. No user involvement required.

There are no viruses for OSX (yet).
So antivirus software for OSX is a crock.
There are a few Trojan Horses for OSX. Less than a handful, afaik. But they could come in thousands of different disguises, of course!

Apple says you don't have to worry about these things. Even if they are Trojans. And even if you install them yourself.

And to quote... "I am a Mac OS X so I don't have to worry about spyware and viruses"

C'mon soli, have you quickly forgotten the I'm a Mac, and I'm a PC barrage of commercials? It's been a few years since they aired but they were quite effective and go into any Apple store or Best Buy and the salesperson will say "buy a Mac if you're worried about getting viruses". Most people don't keep up with current events. I often recommend plasma TVs to people and every single one responds the same way "what about the 5 yr life, burn in, etc...." all those things have not been true for years but they hear it once and never bother to check again.

1) Get a Mac ads ran from 2006 to 2010. We're almost into 2012. Where are these commercials running, to quote, ad nauseam?

2) Listen to the wording of the Trust Mac ad. They clearly state "I [Mac] don't have to worry about your [Windows PC] spyware and viruses." Nowhere does Apple state that Mac OS X can't ever be infected with spyware or viruses. Do you see what the marketing department did there?

Nasty little bugger, very difficult to eradicate, a delicate procedure only for the learned back then.

KOB

Wrong on several counts. nVIR-A dates back to 1987 when System 4.1 was extant. This was something like eight years prior to System 7.5--not MacOS 7.5. However, Mac System Software through MacOS 8 were vulnerable to it. However, it could easily be eradicated by running one of the commercial Mac antivirus utilities like Symantec Antivirus for Macintosh or free Mac antivirus utilities like Disinfectant.

1) Get a Mac ads ran from 2006 to 2010. We're almost into 2012. Where are these commercials running, to quote, ad nauseam?

2) Listen to the wording of the Trust Mac ad. They clearly state "I [Mac] don't have to worry about your [Windows PC] spyware and viruses." Nowhere does Apple state that Mac OS X can't ever be infected with spyware or viruses. Do you see what the marketing department did there?

Those commercials were run ad nauseam during that time. I barely watch TV and saw them a multitude of times, and do you really believe people picked up on that play with words? So either they're conveying that they don't get viruses or by using "your" they're insinuating that there indeed are viruses that can infect a Mac just not the same ones that infect PCs. Which is it? You can't have it both ways.

Those commercials were run ad nauseam during that time. I barely watch TV and saw them a multitude of times, and do you really believe people picked up on that play with words?

1) So something that occurred years prior is to be held accountable today regardless of how relevant the data is? In that case I guess you should include all the viruses that affected Mac OS prior to Mac OS X.

2) It's marketing. It's their job to make a product look more positive than it is without lying. Apple has never claimed Mac OS X can't get malware. Do you not see the Security pane in System Preferences? Apple has even quarantined potential threats in several versions of Mac OS, and now has a preference pane option for auto-updating a safe downloads list. This is Apple dealing with security, not ignoring it.

1) So something that occurred years prior is to be held accountable today regardless of how relevant the data is? In that case I guess you should include all the viruses that affected Mac OS prior to Mac OS X.

2) It's marketing. It's their job to make a product look more positive than it is without lying. Apple has never claimed Mac OS X can't get malware. Do you not see the Security pane in System Preferences? Apple has even quarantined potential threats in several versions of Mac OS, and now has a preference pane option for auto-updating a safe downloads list. This is Apple dealing with security, not ignoring it.

You obviously didn't read my rant on plasma TVs, where people still believe what was told to them 10 yrs ago. How many people believe Columbus discovered America? All I'm saying is that the general consensus out there is that Apple PCs are not susceptible to viruses and such, and Apple has done its fair share of keeping that misinformation alive. The vast majority of people do not read tech blogs or related sites and go on what they were told no matter how long ago it was.

1) So something that occurred years prior is to be held accountable today regardless of how relevant the data is? In that case I guess you should include all the viruses that affected Mac OS prior to Mac OS X.

2) It's marketing. It's their job to make a product look more positive than it is without lying. Apple has never claimed Mac OS X can't get malware. Do you not see the Security pane in System Preferences? Apple has even quarantined potential threats in several versions of Mac OS, and now has a preference pane option for auto-updating a safe downloads list. This is Apple dealing with security, not ignoring it.

As a matter of fact if you wanna do a lil test, go down to an Apple store or a Best Buy and act like an uneducated consumer, see what the salesperson says about Macs and viruses.

Is this malware using a PDF file, or involving an Adobe program? I thought it was just a file disguised as a PDF. Personally, I never use Acrobat to open anything in the browser anyway.

It's malware currently set up to spoof a legitimate looking PDF, but it can just as easily be modified to show as about any other file type. So far no worries, but take the advice not to open any emailed/forwarded attachment file you didn't expect even if you think you may know the sender. Easy to ask a known sender what they attached, and why open something from someone unknown?

I'm not even going to bother to get into any PC vs Mac virus debate, but I will say that I am glad that I don't have to run any virus program on my Macs.

As for this malware mentioned in the article, if it's delivered by an email attachment, then I'd say that the main people who are most at risk of getting it are stupid people. No OS is secure enough to protect morons from their own stupidity.

I also think that in certain cases, the death penalty would be an appropriate punishment for criminals behind email spam, malware and viruses.

Death is far too fast!

From Apple ][ - to new Mac Pro I've owned them all.
Long on AAPL so biased
"Google doesn't sell you anything, Google just sells you!"

You obviously didn't read my rant on plasma TVs, where people still believe what was told to them 10 yrs ago. How many people believe Columbus discovered America? All I'm saying is that the general consensus out there is that Apple PCs are not susceptible to viruses and such, and Apple has done its fair share of keeping that misinformation alive. The vast majority of people do not read tech blogs or related sites and go on what they were told no matter how long ago it was.

Have you even the slightest concept of the difference in actual successful 'viruses and such' attacks on Windows compared to OS X?

Anyone referring to 'Apple PCs' is clearly not in the loop. PC was a marketing term coined by IBM decades ago and refers to Wintel Boxes. The term Apple PC reminds me of folks in the UK that have Electrolux hoovers (yes I know it's now a noun lol).

I understand where all of you are coming from but when there's commercials running ad nauseam about how Mac OS does not get viruses (most people DO NOT know the difference between a virus, a Trojan horse or malware), then they are lulled into thinking their computers are safe and will open whatever from whomever.

Let me know when the Mac gets a virus or spyware. Any moron with half a brain could write a program that deletes a folder, and fool some really naive person into running it. No computer on this earth is safe from that. So I know you think this is one of those "gotcha" moments, but, you fail!

Wrong on several counts. nVIR-A dates back to 1987 when System 4.1 was extant. This was something like eight years prior to System 7.5--not MacOS 7.5. However, Mac System Software through MacOS 8 were vulnerable to it. However, it could easily be eradicated by running one of the commercial Mac antivirus utilities like Symantec Antivirus for Macintosh or free Mac antivirus utilities like Disinfectant.

nVIR was easily modified and re-released over and over, and those mods infected the system file all the way up to 7.5 and more. Running an anti-virus did remove it, however, it left behind a highly-modified system file that often had to be replaced with clean install, a time consuming and frustrating task.

Sport, before you engage in correcting someone, verify your facts rather than just run-on at the mouth, OK? Please allow me to point you in the right direction: http://en.wikipedia.org/wiki/NVIR

Or perhaps you could lighten up a little, there's no need to attack my statement the way you did. What were you trying to prove, anyway?

This is not "targeting OSX". Although OSX may be included in the "vulnerable systems" list, there really is a huge difference there.

Especially when the article goes on to say, basically, how it's really most dangerous for Windows machines…

Come on. "Malware"…? How about "Virus" or "Trojan"…? Be as specific as the content of the article.

If it's really "TARGETING OSX", then I'd like to see the article reflect that. Otherwise, tone down the headline… There's enough FUD in the world. I like it that I don't have to deal with it here much at AI… now is not a good time to start.

/rant

Darn,

By grammar, point of topic, and articulation... I thought you were Steve there for a moment! Well stated!

Wait... What kind of PDF? Oh... An Adobe PDF... I really do wish I could purge Adobe from my Macs the way I once felt about Microsoft... I can't because I've never found an alternative to Creative Suite and let's face it there is still a lot of Flash (some even for good reason).

Come to think of it Lightroom is the only Adobe product I'm really happy with...

Quote:
Originally Posted by dasanman69
I understand where all of you are coming from but when there's commercials running ad nauseam about how Mac OS does not get viruses (most people DO NOT know the difference between a virus, a Trojan horse or malware), then they are lulled into thinking their computers are safe and will open whatever from whomever.

Quote:

Originally Posted by solipsism

1) Where are these commercials?

2) When did "haven't yet been subjected to a barrage of viruses" mean "they can't possibly get viruses"?

Get a Mac campaign is an example straight from Apple, though to date it is technically still true about viruses. There are, however, for Mac a total of around 20 Trojans but only within like the last 2 years.

Considering you can still get malware on Windows 7, despite being a standard user and running full antivirus, by simply visiting the wrong link you are still far safer on OS X. On Windows malware can infect a standard user, then when an admin logs in it will infect the entire system. This is simply not possible on OS X.

No system is safe, even with av or malware software the user is the weakest link. Educate yourself about the dangers of the web or you will get infected no matter what systems or software you use.

Obviously users should take care. But what actually happens if you open this trojan? Is there a removal process needed? I know that most users get along without anti-virus or security software with Macs, but would I be better off with commercial software?

nVIR was easily modified and re-released over and over, and those mods infected the system file all the way up to 7.5 and more. Running an anti-virus did remove it, however, it left behind a highly-modified system file that often had to be replaced with clean install, a time consuming and frustrating task.

Sport, before you engage in correcting someone, verify your facts rather than just run-on at the mouth, OK? Please allow me to point you in the right direction: http://en.wikipedia.org/wiki/NVIR

Or perhaps you could lighten up a little, there's no need to attack my statement the way you did. What were you trying to prove, anyway?

Cheers, KOB

The link that you posted clearly states that nVIR-A, the specific variant of the nVIR virus that you mentioned, was released in 1987. In 1987, System 4.1 was the extant version of Macintosh System Software as I said before. You confirmed my statement.

You obviously didn't read my rant on plasma TVs, where people still believe what was told to them 10 yrs ago. How many people believe Columbus discovered America? All I'm saying is that the general consensus out there is that Apple PCs are not susceptible to viruses and such, and Apple has done its fair share of keeping that misinformation alive. The vast majority of people do not read tech blogs or related sites and go on what they were told no matter how long ago it was.

You have a valid point that Apple has not expended much effort contradicting the widely held belief that OSX is more secure. On the other hand, at least until very recently, (not sure about W7) that was correct, and was borne out by the almost total lack of Mac viruses, trojans or malware in the wild, so you can't really blame them for taking advantage of that situation. And it worked because there really were almost no negative effects of that, since the incidence of OSX infection with any of the above has been negligible to the point of non-existence.

Nothing in that observation is meant to imply that OSX could not be targeted successfully in the future, but we've been waiting a long time for the predictions of doom to come true.